Problem with AD-Integrated DNS

Home Forums Microsoft Networking and Management Services DNS Problem with AD-Integrated DNS

Viewing 1 post (of 1 total)
  • Author
    Posts
  • Avatar
    mhashemi
    Member
    #156552

    We’re seeing many of our clients with the error below. We’ve got an AD-Integrated DNS environment with three DCs (Server 2008R2) in two AD sites. When I look at the DNS zone properties, dynamic updates are set to “Secure only” and we’re set to scavange stale resource records. The no-refresh and refresh intervals are both three days.

    Quote:
    Event Type: Warning
    Event Source: DnsApi
    Event Category: None
    Event ID: 11163
    Date: 10/21/2011
    Time: 12:04:47 AM
    User: N/A
    Computer: computerName
    Description:
    The system failed to register host (A) resource records (RRs) for network adapter with settings:

    Adapter Name : {4289B34B-E624-4D58-89AC-19784205E70F}
    Host Name : computerName Primary Domain Suffix : company.com
    DNS server list :
    10.1.1.10, 10.1.1.11, 10.10.20.2
    Sent update to server : 10.1.1.1
    IP Address(es) :
    10.1.1.5

    The reason the system could not register these RRs was because the DNS server failed the update request. The most likely cause of this is that the authoritative DNS server required to process this update request has a lock in place on the zone, probably because a zone transfer is in progress.

    You can manually retry DNS registration of the network adapter and its settings by typing “ipconfig /registerdns” at the command prompt. If problems still persist, contact your DNS server or network systems administrator.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 2d 23 00 00 -#..

    Since this is widespread and running “ipconfig /registerdns” doesn’t seem to help, I don’t think a zone transfer in in progress.

    I ran dcdiag on a DC and got back the following result for each DC:

    Quote:
    DC: dc1.company.com
    Domain: company.com

    TEST: Delegations (Del)
    Error: DNS server: dc3.company.com. IP:10.10.20.2
    [Broken delegated domain company.com.company.com.]
    Error: DNS server: dc2.company.com. IP:10.1.1.11
    [Broken delegated domain company.com.company.com.]
    Error: DNS server: dc1.company.com. IP:10.1.1.10
    [Broken delegated domain company.com.company.com.]

    What does that mean and could it be related to our dynamic update failure?

    I supposed it goes without saying, but looking at the list of DNS entries on the server shows a bunch of mis-matches. How would I go about finding and fixing the source of this issue?

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.